[U-Boot] U-Boot TFTP protection
Simon Glass
sjg at chromium.org
Tue Jun 19 22:03:19 UTC 2018
Hi Stefan,
On 15 June 2018 at 00:44, Stefan Johansson
<stefan.j.johansson at verisure.com> wrote:
>
> Hello,
> We have been looking at protecting U-Boot from (malicious) TFTP overwrites.
> We want to do this after our ARMv7 U-Boot has relocated.
>
> The memory map looks like this (I hope):
>
> --------------------------- Top of DRAM
> | U-Boot (Protected)
> | -------------------------- U_Boot_start
> | Heap (Protected)
> | -------------------------- Start_Heap = U_Boot_start - Heap_Size
> | Stack (Protected)
> | -------------------------- Start_Stack = Start_Heap - Stack_Size
> | Buffers (Protected)
> | -------------------------- ???
> | Free DRAM (Not Protected)
> --------------------------- Start of DRAM
>
> I seem to get lost in the code trying to find possible buffers, can you please give a hint how I can find the address "???"
Well gd->start_addr_sp is the stop of the stack. The size of the stack
is not necessarily fixed and will grow downwards from there. But I
suppose you could set a particular size and protect from start of DRAM
to to the assumed bottom of the stack area.
Regards,
Simon
More information about the U-Boot
mailing list